Use v2ray-plugin after Nginx #48
Comments
|
Answer 1 The corresponding configuration for shadowsocks-libev with v2ray-plugin. You can run |
it's better using that method or v2ray over Cloudflare Ips? |
This method can also be used behind a CDN like Cloudflare, which is better if you want to run a website. :) |
|
Nginx ss tail -f /var/log/nginx/access.log @M3chD09 |
Try |
|
It works! |
|
Provide a sample Caddyfile: |
|
I can not make this plugin worikng, got these errors from ss-server: Errors from nginx: Nginx conf: server {
listen 443 ssl http2;
server_name subdomain.example.com;
ssl_certificate "/path/to/cert";
ssl_certificate_key "/path/to/key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location /path/ {
access_log off;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_pass http://localhost:10003;
}
}Server side config: {
"server":"localhost",
"server_port":10003,
"password":"password",
"timeout":300,
"method":"chacha20-ietf-poly1305",
"plugin":"v2ray-plugin",
"plugin_opts":"server;tls;host=subdomain.example.com;path=/path/;cert=/path/to/cert;key=/path/to/key;loglevel=none"
}Client side config: {
"server": "subdomain.example.com",
"server_port": 443,
"password": "password",
"method": "chacha20-ietf-poly1305",
"local_address": "0.0.0.0",
"plugin": "/usr/bin/v2ray-plugin",
"plugin_opts": "tls;host=subdomain.example.com;path=/path/;loglevel=none",
"timeout": 60,
"reuse_port": true
} |
I don't think you need to enable TLS on both ss-server and nginx, TLS on nginx is enough. Try |
|
@M3chD09 Thanks! Worked! |
|
Hey I actually saw your repository for getting v2ray which was really helpful. My current config is that I have a website using docker-nginx. I wonder if I could include a dockerized shadowsocks in my docker-compose so I can deploy with ease. The reason is for consistency, like I had no idea how to proxy_pass from nginx inside docker to the host machine. I was trying to add simple-obfs to my ss-server but I saw it had been deprecated. Not sure if it's still working. I only found the following docker image (for simple obfs) https://hub.docker.com/r/mritd/shadowsocks Not sure if this will still be working, could you give some advice? If this is not working, I wonder if you are interested in dockerizing the v2ray-plugin 👍 Cheers, |
I just created a Dockerfile in my repository and built it on the docker hub. |
|
Is it possible to use shadowsocks-libev + v2ray-plugin + cloudflare with own domain without nginx? Why use nginx? |
|
not works for me, same config as on top, behind CDN loglevel=debug on server: |
|
看一下nginx的日志,似乎是nginx和v2ray直接连接有问题
whoami <[email protected]> 于 2019年4月19日周五 11:43写道:
… not works for me, same config as on top, behind CDN
loglevel=debug on client:
[Info] failed to handler mux client connection >
v2ray.com/core/proxy/freedom: failed to open connection to
tcp:{DOMAIN.TLD}:443 > v2ray.com/core/common/retry: [
v2ray.com/core/transport/internet/websocket: failed to dial WebSocket >
v2ray.com/core/transport/internet/websocket: failed to dial to
(wss://{DOMAIN.TLD}/): 521 Origin Down > websocket: bad handshake] >
v2ray.com/core/common/retry: all retry attempts failed
loglevel=debug on server:
2019-04-19 03:36:38 INFO: plugin "v2ray-plugin" enabled
2019-04-19 03:36:38 INFO: initializing ciphers... aes-256-gcm
2019-04-19 03:36:38 INFO: tcp server listening at 127.0.0.1:35999
2019-04-19 03:36:38 INFO: running from root user
2019/04/19 03:36:38 V2Ray 4.16 (Po) Custom
2019/04/19 03:36:38 A unified platform for anti-censorship.
2019/04/19 03:36:38 [Debug] v2ray.com/core/app/log: Logger started
2019/04/19 03:36:38 [Warning] v2ray.com/core: V2Ray 4.16 started
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#48 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AGNKUHYB3F4OZRXLWNY3A5TPRE5VJANCNFSM4GYMNJBA>
.
|
|
client config, works: not works (domain over Cloudflare CDN):
|
|
@M3chD09 nginx https.conf ss-server.json when use port 80 use port 443 Can you help to look for what happened? |
ss-client config add plugin_opts tls for 443 port |
|
@x007007007 If you know why, please tell me. |
|
ok, now the v2ray-plugin work fine by 443, error reason is I set a wrong plugin-opts, the option "host" have to same as my domain, this is my ss-client config file {
"server": "my domain",
"server_port": 443,
"password": "password",
"method": "aes-256-gcm",
"plugin": "v2ray-plugin",
"plugin_opts": "tls;path=/ss;host=mydomain",
"plugin_args": "",
"timeout": 5
}but who can tell me the reason, why the host must same as my domain? The question are confusing me. |
|
@Zalasento I am not 100% sure, but I believe that the domain name is somewhere in the headers of the packets being sent, so it's basically used for verification that it should go to the correct Shadowsocks, and not, for example, to some other service. It's for authorization. Everyone feel free to correct me if I'm wrong. |
|
can anyone provide a quic config with the ss v2ray-plugin tls |
|
@M3chD09 1. shadowsocks4.1.9.2 configuration on window102. Configuration of client on Kali20192.1 local.json of shadowsocks-libev2.2 error message of chrome2.3 nginx.conf of client ()I used nginx on client because chrome didn't work well on kali so I used nginx as a reverse proxy. The whole content of nginx.conf is as follows: 3 configuration of serverBy the way my VPS has been configured by v2ray+tls+nginx+cdn(cloudflare's cdn) 3.1 configuration of shadowsocks-libev3.2 configuration of nginx on VPS |
and others
Question 1
I wonder whether it is possible to deploy shadowsocks-libev with v2ray-plugin after Nginx
Question 2
What the purpose of Certification for TLS verification in plugin,how to use it?
Thanks
The text was updated successfully, but these errors were encountered: